kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
  name: d8-read-only-root-filesystem
tests:
  - name: security-policy
    template: ../../templates/security/read-only-root-filesystem.yaml
    constraint: constraint_security_policy.yaml
    cases:
      - name: example-allowed
        inventory:
          - ../common/test_samples/ns.yaml
        object: test_samples/security_policy/allowed.yaml
        assertions:
          - violations: no
      - name: example-disallowed
        inventory:
          - ../common/test_samples/ns.yaml
        object: test_samples/security_policy/disallowed.yaml
        assertions:
          - violations: yes
      - name: example-disallowed-2
        inventory:
          - ../common/test_samples/ns.yaml
        object: test_samples/security_policy/disallowed2.yaml
        assertions:
          - violations: yes
      - name: example-disallowed-3
        inventory:
          - ../common/test_samples/ns.yaml
        object: test_samples/security_policy/disallowed3.yaml
        assertions:
          - violations: yes
